I have VBP-ST 5300, Version 11.2.16. It was installed a month ago. It's been properly installed and linked to CMA as well. It works fine.
But recently, the VBP-ST locks up itself. It works fine for about a week and then freezes. RP and CMA-D user cannot register to the gatekeeper; I cannot remote into the VBP interface. The only way to address this problem is to hard reboot.
No recent changes has been made to the VBP or the CMA. I can rule out the abnormally high traffic and DOS attack. What could be the cause for this problem?
Any suggestions will be appreciated.
Did you close https\ssh access to the VBP through WAN port?
check the VBP logs:
in the messages file you can find a recently activity and access log.
I have attached the screenshot of what I have in the VBP-ST. Do I need to check all the possible access?
Can you tell me in detail, how to check the VBP log?
I couldn't find the recent activity and access log.
I feel you didn't add special firewall rules to the VBP-ST and you have a remote http\https\ssh access through WAN (Subscriber) interface.
On my opinion it is a big threat to your network security, because you of course haven't changed the default root Linux password and any malefactors can connect using default password to your VBP through ssh and have an access to your local network.
I usually close any remote management access to VBP through WAN (Subscriber) interface.
iptables -I INPUT -i eth0+ -p tcp –dport 80 -j DROP #drop http iptables -I INPUT -i eth0+ -p tcp –dport 443 -j DROP #you should use 445! iptables -I INPUT -i eth0+ -p tcp –dport 23 -j DROP #drop telnet iptables -I INPUT -i eth0+ -p tcp –dport 22 -j DROP #drop SSH iptables -I INPUT -i eth0+ -p tcp –dport 161 -j DROP #drop SNMP iptables -I INPUT 1 -i eth0+ -p icmp -j DROP #drop ICMP
Can you tell me in detail, how to check the VBP log? I couldn't find the recent activity and access log.
as I've mentioned the logs are in /var/log folder. if you'd like check it you have to: